Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

New Android Malware Robs Bandwidth For Fake Searches

timothy posted more than 3 years ago | from the what-would-the-appropriate-penalty-be? dept.

Android 236

adeelarshad82 writes "We've been hearing about various Android malware spreading through the Chinese markets. Well, here's another one to look out for: meet ADRD (aka Trojan:Android/Adrd.A) which is expert in sucking your bandwidth. The malware downloads a list of search URLs and then performs those searches at random in the background, which as the screen shots [in the linked article] show leads to excessive data charges. Similar to other Android malware this too is distributed through wallpapers which are infected repackaged versions of legit wallpapers." Adds reader Trailrunner7: "Lookout, a mobile security vendor, said it has identified 14 instances of the malware repackaging itself in various wallpaper apps and specifically in the popular game RoboDefense, made available in alternative application markets. The trojan works by duping an infected app into sending encrypted data containing the device’s IMEI and IMSI to a remote host. HongTouTou then receives a set of search engine target URIs and search keywords to send as queries. It then uses these keywords to emulate search processes, creating searches in the search engine yielding the top results for those keywords and clicking on specific results. To the search engine, the searches appear to be coming from a mobile user using a mobile web browser with User-Agent corresponding to the UCWeb browser."

cancel ×

236 comments

Sorry! There are no comments related to the filter you selected.

So remind me again... (1, Troll)

Nova Express (100383) | more than 3 years ago | (#35239586)

...why Apple's "Walled Garden" for the iPhone is such a bad thing?

Re:So remind me again... (4, Informative)

vinng86 (1978262) | more than 3 years ago | (#35239658)

The iOS app store can have it's fair share of malware too. It's easy to hide snooping software behind a simple game for example. In fact, all apps can access the contacts list, recent youtube searches, email settings and even non-password field keystrokes [cnet.com] . When developers submit apps they only submit the binary and not the source code so Apple's app approval monkeys basically only cover what they can see. This "walled garden" argument is stupid for this reason.

Re:So remind me again... (1, Interesting)

clang_jangle (975789) | more than 3 years ago | (#35240088)

If you're a registered iOS dev you have a CC on file with Apple. Doesn't make it impossible for malware authors, but it appears to raise the bar enough. No-one wants to pay Apple just to end up banned for shenanigans.
I still feel my Blackberry is the best device for security, but then we're pretty much all forced to use relatively insecure networks so maybe it's not the biggest deal.

Re:So remind me again... (5, Insightful)

Anonymous Coward | more than 3 years ago | (#35240216)

If you're a registered iOS dev you have a CC on file with Apple.

And surely the large, well-financed criminal organizations behind most modern malware could never possibly obtain a credit card number that's not their own.

Re:So remind me again... (1)

PitaBred (632671) | more than 3 years ago | (#35240374)

It's $99 to sign up as a developer. As long as you make more than $99 before you get banned, you're coming out ahead.

Re:So remind me again... (3, Informative)

adolf (21054) | more than 3 years ago | (#35240392)

Pre-paid Visa cards are available at Wal-Mart for $3.

Becoming an IOS dev costs, what, $99?

So it costs just $102, then, to get a shot at pushing some malware which will hopefully make the author(s) some money. This really isn't a very high bar.

Re:So remind me again... (2)

clang_jangle (975789) | more than 3 years ago | (#35240592)

As I said, it appears to be high enough. Anyone can put together malware for android and get it distributed with no investment other than the time and effort it takes. To put an app in Apple's store is not only not free, it's also not a sure thing your app will be approved. And finally, there is no money in Android, whereas quite a number of people do make a living developing iOS apps.

Of course, the fact that there is very little malware for iOS and tons of it for Android tends to confirm it as well. Personally, I love Linux and think it's a damned shame that Android becomes the first widely-distributed, mainstream version, because it's really a crappy OS security-wise.

Re:So remind me again... (0)

Anonymous Coward | more than 3 years ago | (#35240612)

Of course, the fact that there is very little malware for iOS and tons of it for Android tends to confirm it as well.

[Citation Needed]

Re:So remind me again... (0)

Anonymous Coward | more than 3 years ago | (#35240652)

And finally, there is no money in Android, whereas quite a number of people do make a living developing iOS apps.

[Another Citation Needed]

Re:So remind me again... (0)

Anonymous Coward | more than 3 years ago | (#35240694)

here [lmgtfy.com] and here [lmgtfy.com] , retard.

Re:So remind me again... (1)

monkyyy (1901940) | more than 3 years ago | (#35240524)

ive herd of scams that pull 100 dollars out per person

Re:So remind me again... (0)

clang_jangle (975789) | more than 3 years ago | (#35240600)

Oh yeah? Where'd ya git that there herd? I might want to pick one up fer mahsayelf.

Re:So remind me again... (1)

Skuld-Chan (302449) | more than 3 years ago | (#35240662)

Same for the Android marketplace - they do a credit background check on all publishers.

Oh wait - this is a Chinese app store and I doubt many of the submitters even have credit.

Re:So remind me again... (-1, Redundant)

Skuld-Chan (302449) | more than 3 years ago | (#35240666)

Same for the Android marketplace - they do a credit background check on all publishers.

Oh wait - this is a Chinese app store and I doubt many of the submitters even have credit...

Re:So remind me again... (2)

macs4all (973270) | more than 3 years ago | (#35240624)

The iOS app store can have it's fair share of malware too. It's easy to hide snooping software behind a simple game for example. In fact, all apps can access the contacts list, recent youtube searches, email settings and even non-password field keystrokes [cnet.com] . When developers submit apps they only submit the binary and not the source code so Apple's app approval monkeys basically only cover what they can see. This "walled garden" argument is stupid for this reason.

However, although you may very well be correct about the technical potential being there; why don't we keep seeing a monthly parade of the same sort of stories of ACTUAL, REAL-WORLD examples of THEORETICAL iOS vulnerabilities ACTUALLY being exploited to steal user data, like we do with Android?

Maybe something to do with the fact that the DEVS. must first REGISTER with Apple, before they can get their App. even CONSIDERED for inclusion in the iOS App Store. That process alone apparently is enough (I would wager even without Apple's code review process) to make crooks think twice about even TRYING to publish malware on the App Store.

Kind of the same reason why a bank robber (at least a sane one) would never attempt to rob at gunpoint, the bank at which he has an account.

Re:So remind me again... (0)

Anonymous Coward | more than 3 years ago | (#35240718)

Capitalization jackassery aside, there are several possible explanations. You are making a whole bunch of UNREASONABLE simplifying assumptions about the situation. And actually, you do have to register with Google to publish in the Android Market Place, which is actually irrelevant because the malware from this story was distributed though a DIFFERENT *stomps foot* NON-GOOGLE app store. For one, you don't have to buy a Google computer or Android phone to do any sort of development for Android. So it's quite a bit simpler to do security work on Android. Plus, you don't have to worry about Apple's overly litigious nature, a nature which helps keep zero day vulnerabilities undisclosed and unfixed. Given the very, very closed iOS environment, it is likely much easier to keep malware hidden and undiscovered.

Why would someone trying to publish malware in the iOS App Store have to use their real identity? I'm fairly sure any successful malware distributor can get some fake credentials past Apple. Why would someone attempting to publish malware in the iOS App Store have any sort of attachment to any specific account with Apple? So your malware is discovered, your app is removed, and your account is no longer valid. Move on to the next set of fake credentials you have.

Re:So remind me again... (2)

tak amalak (55584) | more than 3 years ago | (#35239662)

Apparently

mkdir android ; cd android ; repo init -u git://android.git.kernel.org/platform/manifest.git ; repo sync ; make

is supposed to shut iPhone users up. Or something.

Re:So remind me again... (1)

Americano (920576) | more than 3 years ago | (#35240264)

As always, I'm gobsmacked by the openness!

Re:So remind me again... (4, Insightful)

vux984 (928602) | more than 3 years ago | (#35239688)

...why Apple's "Walled Garden" for the iPhone is such a bad thing?

Because you can't choose not to use it.

The non-story here is that people carelessly installing bad software from ALTERNATIVE android marketplaces got malware.

Newsflash, if you want assurances of software without malware, don't shop at the internet equivalent of the chinatown night markets.

If you want to be as safe as apple's walled garden, stay within the official marketplaces and you get that.

Re:So remind me again... (2, Insightful)

genghisjahn (1344927) | more than 3 years ago | (#35239716)

Then what's the difference between Apple's app store and the Official Market Place? If I have one official app store to choose from and hundreds of malware infected stores...how is that a choice?

Re:So remind me again... (2)

Draek (916851) | more than 3 years ago | (#35239762)

Because there's nothing preventing another trusted store to open up, as it happened with Palm, Java-capable dumbphones and hell, even desktops PCs. With Apple, it's their way or the highway and if you don't like it too bad so sad, now try to find a security bug to exploit so you can gain control of your own goddamned phone.

Re:So remind me again... (1)

genghisjahn (1344927) | more than 3 years ago | (#35239792)

Trusted by who? How do I know an alternate Android market place is legit?

Re:So remind me again... (1)

Anonymous Coward | more than 3 years ago | (#35239890)

How do you know the 'official' marketplace is legit?

Re:So remind me again... (2)

Draek (916851) | more than 3 years ago | (#35239892)

The same way you know a software download website is legit: word-of-mouth, user reviews, past experiences, the trust of other websites you already trusted beforehand and so on.

You know, the same way you got to trust Our Holiness Stevie in the first place, as I doubt you were his classmate in high school or such.

Re:So remind me again... (2)

thetartanavenger (1052920) | more than 3 years ago | (#35239804)

I'd rather have hundreds of alternative malware infected stores than to let someone else tell me what I can or cannot install. That's the choice.

Re:So remind me again... (0)

genghisjahn (1344927) | more than 3 years ago | (#35239866)

But you can have approved apps on the Apple appstore and write your own apps and install them. Just join the developer program ($99), write your xCode and install it on your phone. Bam! Mr. Jobs doesn't come and tell you you can't do it. It's legit.

Re:So remind me again... (3, Insightful)

h4rr4r (612664) | more than 3 years ago | (#35239992)

So how do I do that without paying Mr. Jobs for the privilege of using something I already bought?

Re:So remind me again... (1)

Lucky75 (1265142) | more than 3 years ago | (#35240090)

Don't forget the privilege of writing an Apple App. And then for the privilege of selling it.

Re:So remind me again... (0)

h4rr4r (612664) | more than 3 years ago | (#35240144)

You left out the mac you have to buy to be allowed to even attempt such a thing.

Re:So remind me again... (0)

Anonymous Coward | more than 3 years ago | (#35240364)

Do I have to already be a trendy hipster, or will that come with owning all the Apple products? Do I at least get a turtleneck for my $99?

This is a very good point. (1)

apparently (756613) | more than 3 years ago | (#35240228)

But you can have approved apps on the Apple appstore and write your own apps and install them. Just join the developer program ($99), write your xCode and install it on your phone. Bam! Mr. Jobs doesn't come and tell you you can't do it. It's legit.

This is exactly how it works in the corporate world. Just today, the head of my accounting department was fretting over the cost of a new GL package she needed to purchase. I was all "50 grand? Dude, why not just download Visual Studio Express and code that shit ourselves?" That conversation was at noon, and by 5:30 we had already skipped over the alpha version and were pussy deep in testing out the beta.

Re:So remind me again... (1)

h4rr4r (612664) | more than 3 years ago | (#35239980)

Because Amazon could start another legit market, or maybe you could write your own apps?

Re:So remind me again... (1)

dudpixel (1429789) | more than 3 years ago | (#35240454)

shopping on an app store that contains infected apps is not a guarantee that your phone will get malware on it.

The golden rule is "dont download apps you dont trust".

that said, it would make me wary of anything on those alternative stores...

Re:So remind me again... (0)

Anonymous Coward | more than 3 years ago | (#35239728)

So... stick to Google's walled garden?

Re:So remind me again... (0)

Anonymous Coward | more than 3 years ago | (#35239776)

"Because you can't choose not to use it."
http://cydia.saurik.com/ [saurik.com]

Re:So remind me again... (1)

Lucky75 (1265142) | more than 3 years ago | (#35240096)

Except you don't need to root your android phone to install alternative apps. Of course you can do it if you have root access.

Re:So remind me again... (1)

ducomputergeek (595742) | more than 3 years ago | (#35240252)

Really? Because the last time I checked, most Android phones had to be rooted if you wanted to install the latest versions of the OS.

Re:So remind me again... (4, Informative)

SCPRedMage (838040) | more than 3 years ago | (#35240540)

Yes, because installing third party firmware is EXACTLY like installing applications, which is what the thread has been about.

YES, you need to root most Android phones in order to install third party firmware, such as CyanogenMod. NO, you do not need to root your Android phone in order to install apps that haven't been explicitly allowed by the phone's manufacturer, included alternative app stores.

Protip: Strawman arguments work significantly better when they aren't so bloody obvious.

Re:So remind me again... (1)

SuperKendall (25149) | more than 3 years ago | (#35240722)

Yes, because installing third party firmware is EXACTLY like installing applications, which is what the thread has been about.

It is when you have to install the firmware to run the applications.

YES, you need to root most Android phones in order to install third party firmware, such as CyanogenMod. NO, you do not need to root your Android phone in order to install apps that haven't been explicitly allowed by the phone's manufacturer.

You do if they will not run on your shipped version of the OS.

Protip: Strawman arguments work significantly better when they aren't so bloody obvious.

Protip: When you blow on the straw and find brick underneath - that ain't straw.

Re:So remind me again... (1)

Anonymous Coward | more than 3 years ago | (#35239874)

Because you can't choose not to use it.


That's not entirely true. Neither the Developer Enterprise Program, nor Ad-hoc Distribution require going through the AppStore. However, both impose some distribution limitations. For the EP, you can only distribute "in house", while Ad-hoc imposes a 100 device limit per developer account.

Re:So remind me again... (1)

CastrTroy (595695) | more than 3 years ago | (#35240254)

I've often wondered about this. Couldn't one start a shell company, or some kind of Co-op, "hire" all their friends or anybody who wanted to run their software, and distribute apps to basically anyone, completely going around Apple for app distribution?

Re:So remind me again... (1)

Lehk228 (705449) | more than 3 years ago | (#35240536)

if you want to take on the legally precarious position of technically being a bunch of people's employer go right ahead.

Re:So remind me again... (4, Insightful)

Gadget_Guy (627405) | more than 3 years ago | (#35240196)

If you want to be as safe as apple's walled garden, stay within the official marketplaces and you get that.

The other alternative would be if the OS asked for user permission before an application could access the internet (just one time, not every time). This is what my old Nokia (running Symbian) used to do. It works the same way as how the iPhone prompts to allow programs to use location services.

I am more worried that a program leaks data or uses all my download quota much more than whether it knows where I am.

Re:So remind me again... (3, Interesting)

willy_me (212994) | more than 3 years ago | (#35240416)

The other alternative would be if the OS asked for user permission before an application could access the internet (just one time, not every time).

Not very effective because almost all applications use the internet - at least a little. What would be good is if the application made a request to use the internet and provided an estimated maximum amount used in the dialog. For example, screensaver X requests to use the internet and estimates that it will use under 2MB per month. Now the user knows more about what is happening and the OS can ensure the app does not break it's promise. Advanced settings might even allow the user to restrict the application to specific domains.

While this does not offer a complete solution, it would help prevent apps from running up usage charges.

Re:So remind me again... (2)

SuperKendall (25149) | more than 3 years ago | (#35240740)

For example, screensaver X requests to use the internet and estimates that it will use under 2MB per month. Now the user knows more about what is happening and the OS can ensure the app does not break it's promise.

And you guys wonder why Apple gets such a large marketshare...

And now I see how the UAC got to be the way it was, over many discussions of what is "reasonable" just like that one.

Re:So remind me again... (1)

Wallslide (544078) | more than 3 years ago | (#35240708)

If you want to be as safe as apple's walled garden, stay within the official marketplaces and you get that.

The other alternative would be if the OS asked for user permission before an application could access the internet (just one time, not every time).

Android already does this. When installing an app, it displays all the permissions an app can use, and you get to accept or reject the app at that point. After accepting and then installing the application you no longer get prompted. Network Access is one of the permissions that must be requested by the app.

Re:So remind me again... (1)

ducomputergeek (595742) | more than 3 years ago | (#35240448)

Certainly you can choose not to use it: don't buy an iPhone if you don't like their walled garden approach.

Re:So remind me again... (1)

Anonymous Coward | more than 3 years ago | (#35240468)

Because you can't choose not to use it.

Great, another liar trying to claim that steve jobs personally came to your house and held a gun to your head and forced you to buy an iPhone.

Get over yourself, you have all the choice in the world to use it or not.

Re:So remind me again... (-1)

Anonymous Coward | more than 3 years ago | (#35239706)

Attention mods, just because you don't like a comment doesn't make it a troll.

Re:So remind me again... (0)

Anonymous Coward | more than 3 years ago | (#35239808)

No, the fact that it's a troll makes it a troll.

Re:So remind me again... (1)

genghisjahn (1344927) | more than 3 years ago | (#35239814)

Attention Anonymous Cowards! Let sleeping dogs lie, okay? Don't give 'em an excuse.

Re:So remind me again... (1)

Anonymous Coward | more than 3 years ago | (#35239922)

Well... At least Android has some alternative security apps, such as DroidWall:
http://code.google.com/p/droidwall/

I don't think iOS has any equally powerful firewall apps.

Re:So remind me again... (4, Insightful)

h4rr4r (612664) | more than 3 years ago | (#35239958)

If you stick to the market for android you would not get these trojans either. The fact that you are not forced too is a good thing.

Re:So remind me again... (0)

shoehornjob (1632387) | more than 3 years ago | (#35240146)

..why Apple's "Walled Garden" for the iPhone is such a bad thing?

The parent should not have been modded down by some android lovin fanboy as he has a valid point. I don't always agree with walled gardens but if you figure how much sensitive information is on these phones it looks like a good idea for some people. Disclaimer Yes I do own the current Iphone and no I am no fanboy. Considering all the bad shit I've seen about smartphones I think this is my last.

Re:So remind me again... (1)

dudpixel (1429789) | more than 3 years ago | (#35240434)

The walled garden is not perfect either (how could it be?).

I believe there is a happy medium...and Google would do well to find a solution to this problem before we all require anti-virus apps on our android phones.
They went after something like the windows model, but surely we dont want to copy ALL of it...

Re:So remind me again... (0)

Anonymous Coward | more than 3 years ago | (#35240594)

You are right. Sell your computer and buy and Xbox or a Playstation. No more trojan for you.
But if you don't matter, I will keep my PC and my Android.

We're Not Surprised (2)

WrongSizeGlass (838941) | more than 3 years ago | (#35239588)

It's not surprising that malware vendors are focusing on the fastest growing segment of the computer market. Android is going to be attacked with malicious intent from all sides. It's all part of the game: Success == Target

I guess it's running fake searches to up the 'autofill' for items on Google? Let's just hope it's not searching for iPhone related items. Man, wouldn't that be embarrassing?

Re:We're Not Surprised (0)

Anonymous Coward | more than 3 years ago | (#35239660)

It's not surprising that malware vendors are focusing on the fastest growing segment of the computer market. Android is going to be attacked with malicious intent from all sides. It's all part of the game: Success == Target

The fact that it's an open and easy target makes it even less surprising!

Re:We're Not Surprised (1, Insightful)

Anonymous Coward | more than 3 years ago | (#35239694)

The fact that Android's highly permissive APIs enable developers to create background services that run indefinitely and without any obvious signs to end users might have something to do with it too...

Re:We're Not Surprised (1)

h4rr4r (612664) | more than 3 years ago | (#35240040)

I agree useful stuff can be used for bad. There are two ways to deal with that though, get rid of useful stuff or try to manage any issues. I prefer to keep the useful stuff.

Here we go. (-1)

Anonymous Coward | more than 3 years ago | (#35239594)

Now, where's that walled refuge?

Re:Here we go. (0)

Anonymous Coward | more than 3 years ago | (#35239680)

It's full of smug fanboys patting eachother on the back and there's no room left.

Re:Here we go. (0)

Anonymous Coward | more than 3 years ago | (#35239884)

And the Fandroids are doing what again? They're being full of Schmidt. He'll steal your data then sell it back to you and everyone else. No thanks. I was on the fence and supportive of Android until this.

Just. Opt. Out.

One serious question: Why? (2)

zooblethorpe (686757) | more than 3 years ago | (#35239604)

So was this malware put together by, on on the orders of, a mobile company itself, seeking to boost revenues? What other reasons would there be for this malware to exist? Does simply searching for terms do something for SEO?

Curious,

Re:One serious question: Why? (3, Insightful)

yuna49 (905461) | more than 3 years ago | (#35239690)

Thanks for asking this. I was left scratching my head after reading the blurb, too. Other than simple malicious behavior like draining batteries and running up account charges, is there some deeper purpose to this piece of crap?

Re:One serious question: Why? (1)

Anonymous Coward | more than 3 years ago | (#35239860)

I believe the intent is to improve the position of certain sites in search results.
Though if that is the case, it would seem like a good way to find the person/people that wrote the virus.

Re:One serious question: Why? (1)

adolf (21054) | more than 3 years ago | (#35240480)

Though if that is the case, it would seem like a good way to find the person/people that wrote the virus.

This is not a virus.

Re:One serious question: Why? (1)

John Hasler (414242) | more than 3 years ago | (#35239928)

Perhaps it is supposed to do more but is buggy?

Re:One serious question: Why? (1)

olsmeister (1488789) | more than 3 years ago | (#35240432)

Good question. Or someone who owns a lot of Apple stock?

Re:One serious question: Why? (0)

Anonymous Coward | more than 3 years ago | (#35240658)

Looks like attempting to game the search engine. Move links to the malware to the top of the page.

Re:One serious question: Why? (0)

Anonymous Coward | more than 3 years ago | (#35240696)

Towards the bottom of the writeup it says the malware clicks on specific results. Search engines tend to watch what gets clicked on their results pages. For example, if result number 10 (the spam site) gets tons of clicks it could be moved up based on popularity.

it's coming... (3, Funny)

esoterus (66707) | more than 3 years ago | (#35239610)

McAfee for Droid... ugh

Re:it's coming... (1)

WrongSizeGlass (838941) | more than 3 years ago | (#35239622)

McAfee for Droid... ugh

McAfee + Mobile Phone = Hot Brick In Your Pocket

Stewie: Oh joy! I can't wait to get one

It's here (3, Informative)

alostpacket (1972110) | more than 3 years ago | (#35239732)

They already (sadly) make it: http://blogs.mcafee.com/enterprise/mobile/mcafee-for-android-a-mobile-security-update [mcafee.com]

Honestly though I'm tired of Lookout Mobile doing this fear mongering. I'll give them credit though, they are smart guys -- and based on their defcon presentation, they know a lot about Android sercurity. But stop with the scare tactic PR news stories. This would be akin to saying "Virus found on The Pirate Bay, news at 11." I know they need PR because they are a startup, but c'mon.

Re:it's coming... (1)

BLToday (1777712) | more than 3 years ago | (#35239774)

Coming? It's already there. Search the Marketplace, there are already security applications. I think there's one from AVG.

They're right (3, Funny)

Divebus (860563) | more than 3 years ago | (#35239612)

This is PC vs Mac all over again.

Amen! (1, Interesting)

Weezul (52464) | more than 3 years ago | (#35240422)

It's all downhill for iOS from here on. Jobs will kick the bucket ending both the reality distortion field and Apple's market responsiveness.

Android will gradually take most developers and users by virtue of being "just open enough", much like Windows. We've even got Blackberry going for Android apps, ala Dr. DOS. A behemoth spewing a billion dollars on marketing and payola pushing their unwanted child called WP7 (OS2). And we'll all end up running MeeGo (Linux) on phones originally designed to run Android.

Imho, we should continue pushing for MeeGo on the phone because the whole Android plus Debian on a dual core phone sounds silly & slow, well plus Maemo has a better user interface and better phone functionality than Android. (gsm, sip, and skype calls are integrated)

Re:Amen! (1)

ducomputergeek (595742) | more than 3 years ago | (#35240562)

I'm not so sure on the developers front. My experience this past year releasing apps for both Android and iOS was that sure I had more downloads of the free "lite" app from android, but iOS accounted for well over 80% of my revenue. And the type of apps I produced really don't work for advertising. I used Admob for both platforms. They are utility apps, not content apps so you don't get a lot of impressions. Problem is, Android takes more of my time to sort out minor problems between OS versions and handset hardware issues. And now add to that Amazon jumping in I would have to get another developers account and play by another set of rules.

Re:Amen! (0)

Anonymous Coward | more than 3 years ago | (#35240640)

I'd rather earn 20% developing for an open platform than 80% developing for a closed one. Because in the long run it's better to support the platform looking out for the consumer's best interests. That said, as a rule of thumb I don't buy software on the Android Marketplace anyway (the free stuff is fine for my needs) so it's a moot point as far as I'm concerned.

About time... (0)

Anonymous Coward | more than 3 years ago | (#35239616)

Good bye link farming, hello click farming.

The imortant part of the article: (2)

NMercy (1076683) | more than 3 years ago | (#35239764)

"It does not affect any apps in their original versions available on the Google Android Market."

So pretty much you stay away from the untrusted markets where they download the app from the trusted market, append virus, rinse, and repeat and you should be pretty good...

Not in Android Market ... (2)

fnkld (1998646) | more than 3 years ago | (#35239780)

... (yet) according to the article. It's affecting users in China who get repackaged apps from alternative-market Chinese sites. There been reports of suspicious apps on the official Android Market, but they are very few and quickly removed (http://bit.ly/5FOeM3). Does anyone know if there has ever been a confirmed threat? FTA: As of now, Lookout Security is only aware of the HongTouTou Trojan affecting users on Chinese forums. It does not affect any apps in their original versions available on the Google Android Market.

Wait... (1)

Anonymous Coward | more than 3 years ago | (#35239796)

Wallpaper APPS?!?!? Why in gods name would you need to package wallpaper in an executable, that's a security issue waiting to happen...

Re:Wait... (1)

Kakari (1818872) | more than 3 years ago | (#35239904)

Well if Microsoft did it, it must be good. ...Wait a second...

Re:Wait... (1)

WhyCause (179039) | more than 3 years ago | (#35240686)

Live wallpapers are programs that write to an always-visible canvas, and thus need to be installed.

Some wallpaper apps keep their libraries online, and provide an easy-to-browse catalog of images. You only download the ones you want.

Oh look! (1)

Anonymous Coward | more than 3 years ago | (#35239812)

Bing's found another way to scrape Google's search results!

It's spamming Google Trends / Suggest / Instant (4, Insightful)

Animats (122034) | more than 3 years ago | (#35239826)

If it's doing searches in bulk like that, it's a search spam program. It's exploiting a vulnerability in Google.

Google Trends [google.com] lists "hot searches", what's being searched for in Google in recent hours. Google Trends drives Google Suggest, the hinting system for Google. That in turn drives Google Instant. Which, in turn, aims users at the target sites. Which are probably full of ads. Profit!

Spamming of Google Trends has been around for a while. It used to be easier, and you'd see things like the name of some mattress discounter at the top of Google Trends for 15 minutes or so. (I ran a program to follow the trends in Google Trends for a while. It was amusing.) Google seems to now be averaging over more hours, so the spammers have to up their game and use a distributed attack to push their keywords up.

This is the trouble with "crowdsourcing" recommendations. It's too easy to fake a crowd. Yelp, CitySearch, Google Places - they're all choked with recommendation spam. Anonymous recommendations are junk information. And no, requiring a Facebook account won't help. There's an app for that. [facebookdevil.com]

Google is now trying a "mark as spam" button in Chrome to identify "content farms". If that starts mattering, it will be spammed. The same applies to Blekko's "slashtags".

Re:It's spamming Google Trends / Suggest / Instant (2)

drougie (36782) | more than 3 years ago | (#35240076)

Yeah search master? You sure it's not using Baidu?

From the source..

After few http requests sent back and forth, it gets a URL to connect in the background (in this case analyzed): http://wap.baidu.com/s?word=%E7%83%A8%E4%B9%8B%E5%9B%BD%E5%BA%A6&vit=uni&from=961a_w1 [baidu.com]

Re:It's spamming Google Trends / Suggest / Instant (-1)

Anonymous Coward | more than 3 years ago | (#35240390)

Android monitors searches to other search engines. Why do you think Google were complaining about Bing doing the same thing?

Re:It's spamming Google Trends / Suggest / Instant (0)

Anonymous Coward | more than 3 years ago | (#35240442)

This is the trouble with "crowdsourcing" recommendations. It's too easy to fake a crowd. Yelp, CitySearch, Google Places - they're all choked with recommendation spam. Anonymous recommendations are junk information. And no, requiring a Facebook account won't help. There's an app for that. [facebookdevil.com]

This is AWESOME!

I'm going to start using FB Devil today to do my part in making the data FB collects worthless.

OK Verizon, you made your point (1)

gearloos (816828) | more than 3 years ago | (#35239858)

Written by the service provider because the execs thought they needed a little more income? Not as far fetched as you think in China where the usual is whatever it takes to get what you want.

A little too convenient (0)

Anonymous Coward | more than 3 years ago | (#35240190)

After the recent Windows Phone 7 / Yahoo data suck incident. Trojan as corporate sabotage, perhaps?

Re:A little too convenient (0)

codepunk (167897) | more than 3 years ago | (#35240298)

The two Windows Phone 7 users I doubt even noticed.

Oh Look, A Non-Story (1)

Haedrian (1676506) | more than 3 years ago | (#35240198)

Be sure not to download anything from a source you don't trust, because then you might get viruses, and then bad things can happen.

Its incredibly stupid when stuff like this happens, because its not really 'malware' in the sense of Android having a flaw which allows code to be executed, but rather idiots who expressly give this permission to this code to run, when they get it from a non-trusted source.

User Error. If Problem persists consult your user vendor.

Re:Oh Look, A Non-Story (0)

Anonymous Coward | more than 3 years ago | (#35240622)

Yes, because 'user error', and 'stupid users' is always a good defense when talking about operating systems...

Wallpaper apps? (1)

steeleyeball (1890884) | more than 3 years ago | (#35240210)

Bwah ha ha ha...... Really? I always love it when people install cocktail umbrellas in thier swiss army knife.

So it's a Trojan, no big deal. (1)

Zelgadiss (213127) | more than 3 years ago | (#35240490)

It's just a trojan horse on an alternative app market.

Just like on the PC you have to exercise caution as to where you get your apps.

Good thing it's not a security vulnerability, like one that allows an attacker to get root access to a phone, that needs patching to fix.

Lisseurs Cheveux (-1)

Anonymous Coward | more than 3 years ago | (#35240494)

Le nouveau conçu Lisseurs Cheveux [ghdlisseurstyler.com] Appareils est l'outil style unique et ultime pour les cheveux courts à la fois les hommes et les femmes.

Wallpaper with internet connectivity? (1)

Michael Woodhams (112247) | more than 3 years ago | (#35240526)

My understanding* is that at install time, an Android app has to list what permissions it wants to be able to operate [android.com] . If I was installing some new wallpaper and it demanded internet access, I'd abort instantly. So does this attack only work against naive users?

* I don't have, and have not used, an Android or other smart phone

no source no use period end of story! (-1)

Anonymous Coward | more than 3 years ago | (#35240716)

WTF do you these guys think! IS this windows if there is no actual source for an app available do not use it...period. Linux kernel or not. Point of open source is exactly this. Trouble is we have Windows users doing android on cell phones!

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?